Be sure to also allow connections to Crowd from the server Jenkins runs on. As of the current (1.5.1) release, this must be done per IP address; vote for http://jira.atlassian.com/browse/CWD-84 to allow this to be configured on a block basis.

Once you have the application configured in Crowd, you can enable Crowd-based security in Jenkins on the Manage Jenkins page. Enter the URL of the Crowd's servers endpoint (will typically be /crowd/services/ or /services/) as well as the application name and password you configured in Crowd.

Requirements

This plugin requires Hudson/Jenkins version 1.318 or higher. It has primarily been tested against Crowd version 1.6.

Troubleshooting

Users can log in, but Jenkins doesn't see some of their groups

Crowd has a setting, which can be set per application, called "Lower Case Output". If you have, e.g., a group called "SystemAdministrators", and "Lower Case Output" is set, then Crowd will pass this group name to Jenkins as "systemadministrators". To fix this, either:

Use all-lowercase group names in your authorization settings in Jenkins.

Or, turn off "Lower Case Output" in Crowd. This is on the "Options" tab for your Jenkins application. Note that if you do this, you must make sure to always use the correct capitalization in your Jenkins authorization settings.